On Tue, 2002-08-27 at 03:09, Jhun Bacala wrote: > here's the output of that command: > > [root@inventory jhun]# rpm -V $(rpm -qf $(which login)) > missing /etc/pam.d/chsh > missing /etc/pam.d/kbdrate > missing /etc/pam.d/login > > I don't know about this but from what it says it think this is what causing > the problem. how do I correct this Bret? >
Yep that is a problem alright. I would reinstall the package that contains login. The rpm qf $(which login) part of the command above returns the name of the package that contains the file returned by which login. on my 7.2 system it is util-linux: [bhughes@bretsony bhughes]$ which login /bin/login [bhughes@bretsony bhughes]$ rpm -qf /bin/login util-linux-2.11f-9 so we need to install/upgrade util-linux. I would firstlook at a redhat's site or a mirror to see if there is an upgraded package out there. If not and assumming you installed from cd, mount it and cd into RedHat/RPMS look an see if the package we want is on that cd ls util* if not look on the other cd we can look at the package file before installing it; rpm -qip util-linux* shold give you some information to let you know that this is indeed the package that contains some basic progs that your system needs to operate. if it is the same version as the one already on the system you will need to force it I think. try it first rpm -ivh util-linux<tab> # the tab key should complete the file name, if not and you get a beep hit tab twice and it should give you a list of files that meet the criteria specified so far. I see this a lot if there are devl packages. I like the tab completion since it eliminates the possibility of mistyping the package file name and yes you will need to specify the entire file. you probably get an error that the pacakage is already installed so force it rpm -ivh util-linux<tab> --force If all goes well you should be jammin. if not post the error and we'll work on it. NOW. why did these file go away? I would highly suspect that you have been hacked unless you remember dinking around in /etc/pam.d and deleting files. I am not the guy to talk to on determining if you have been hacked. Search the archives at http://www.prairienet.org/library/redhat/ of google around for rootkit detector or something like that there are scripts that get updated periodically that are supposed to be good at detecting if someone has rooted your box. I would reinstall if I had the slightest suspicion of the integrity of the machine. <insert security sermon here> HTH Bret > thanks > > jhun > > > At 10:26 PM 8/26/02 -0500, you wrote: > >On Mon, 2002-08-26 at 21:19, Jhun Bacala wrote: > > > Hi Bret, > > > > > > Sorry for the luck of information, It did not return any error when I try > > > to login it just keeps returning to the login prompt it > > > ask won't for my password even for root. But when using ssh, I can login > > > smoothly. > > > >another thought. If this used to work and does not you might have been > >hacked poorly. what does rpm -V $(rpm -qf $(which login)) show? > > > >Bret > > > > > > > >-- > >redhat-list mailing list > >unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe > >https://listman.redhat.com/mailman/listinfo/redhat-list > > > > -- > redhat-list mailing list > unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe > https://listman.redhat.com/mailman/listinfo/redhat-list -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
